<?php

include 'common.php';

$ac = in_array($_GET['ac'], array('setup', 'modcp')) ? $_GET['ac'] : 'modcp';
if (Utils::submitCheck('loginsubmit')) {
    $username = $_POST['username'];
    $password = $_POST['password'];

    $query = $_SGLOBAL['db']->fetchArray($_SGLOBAL['db']->query("SELECT * FROM " . Utils::tname('member') . " WHERE username='$username' AND password='" . md5($password) . "'"));

    if ($query) {
        $authstr=LoginAuth::encode($query['uid'] . "\t" . $query['password']);
        Cookie::_set('auth', $authstr);
        switch ($ac) {
            case 'setup':
                $url = 'setup.php';
                break;
            default :
                $url = 'modcp.php';
        }
        header("Location:$url");
        exit;
    } else {
        $_SGLOBAL['view']->assign('errorMsg', '用户名或者密码错误');
    }
}

$_SGLOBAL['view']->assign('ac', $ac);
$_SGLOBAL['view']->display('login');
?>
